After the identification, authentication, and authorization process, a session is created so that the user can interact with the system for a certain amount of time without having to pass these three steps each time. Tokens are used to identify those sessions. By default, in OpenStack, from the Icehouse release, all sessions expire after 1 hour, while previous releases used 24 hours as the session lifespan. It may make sense to reduce this time even more, since if an malicious user can take control of a machine within a valid session, he will be able to act as if he is the owner of the session. Decreasing the length of sessions means reducing the window in which an attacker can steal a session.
OpenStack Cloud Security
By :
OpenStack Cloud Security
By:
Overview of this book
Table of Contents (14 chapters)
OpenStack Cloud Security
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Free Chapter
First Things First – Creating a Safe Environment
OpenStack Security Challenges
Securing OpenStack Networking
Securing OpenStack Communications and Its API
Securing the OpenStack Identification and Authentication System and Its Dashboard
Securing OpenStack Storage
Securing the Hypervisor
Index
Customer Reviews